baran 0 Posted February 8, 2021 Share Posted February 8, 2021 hi guys how can i solve this problem? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,192 Posted February 8, 2021 Administrators Share Posted February 8, 2021 Do you experience any issues with cleaning the threat? Is it recurring? Link to comment Share on other sites More sharing options...
baran 0 Posted February 8, 2021 Author Share Posted February 8, 2021 Yes, it is constantly detected and deleted on all systems on the network Why do it again? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,192 Posted February 8, 2021 Administrators Share Posted February 8, 2021 Please provide logs collected with ESET Log Collector from such machine. Link to comment Share on other sites More sharing options...
baran 0 Posted February 8, 2021 Author Share Posted February 8, 2021 what log? witch one? you need Default Threat Detection All: None Custom Link to comment Share on other sites More sharing options...
Administrators Marcos 4,192 Posted February 8, 2021 Administrators Share Posted February 8, 2021 Default template is ok unless we explicitly ask to use a non-default one. Link to comment Share on other sites More sharing options...
baran 0 Posted February 8, 2021 Author Share Posted February 8, 2021 here you are thank you efsw_logs.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 4,192 Posted February 8, 2021 Administrators Share Posted February 8, 2021 The malware is being copied to network shares from a remote machine with SR**********S\Administrator logged in. Please carry on as follows: - close any unnecessary network-aware applications that generate network traffic - enable advanced network protection logging in the adv. setup -> tools -> diagnostics - wait until the malware is detected - disable logging - collect fresh logs with ELC. Link to comment Share on other sites More sharing options...
baran 0 Posted February 9, 2021 Author Share Posted February 9, 2021 thank you so much Link to comment Share on other sites More sharing options...
Recommended Posts